<?php
// *** Tangra (Application Framework and Tools for PHP)


require_once(TANGRA_MAIN_DIR.'interfaces/i_db_storable.class.php');

require_once('user.class.php');


class User_DBC extends User implements I_DB_Storable {
	private $db_table_prefix;

	function __construct($db_table_prefix = '') {
		$this->set_db_table_prefix($db_table_prefix);
	}


	public function set_db_table_prefix($db_table_prefix) {
		$this->db_table_prefix = $db_table_prefix;
	}


	public function get_db_table_prefix() {
		return $this->db_table_prefix;
	}


	public function load_by_id(DB_Connection $dbc, $id) {
		$ret = false;

		$sql = "select username, ".
						"password, ".
						"disabled ".
					"from ".$this->get_db_table_prefix()."users where id = $id";

		$rez = $dbc->execute($sql);

		if (!$rez->is_eof()) {
			$rez_obj = $rez->fetch_object();
			$this->set_id($id);
			$this->set_username(stripslashes($rez_obj->USERNAME));
			$this->set_password(stripslashes($rez_obj->PASSWORD));
			$this->set_disabled($rez_obj->DISABLED);

			$ret = $id;
		}

		return $ret;
	}


	public function save(DB_Connection $dbc) {
		$ret = false;

		if ($this->get_id()) {
			$ret = $this->update($dbc);
		} else {
			$ret = $this->insert($dbc);
			$this->set_id($ret);
		}

		return $ret;
	}


	protected function insert(DB_Connection $dbc) {
		$ret = false;

		$id = $dbc->generate_id($this->get_db_table_prefix().'users_seq');
		if ($id) {

			$username = addslashes($this->get_username());
			$password = addslashes($this->get_password());
			$disabled = $this->get_disabled();

			$sql = "insert into ".$this->get_db_table_prefix()."users ".
								"(id, ".
								"username, ".
								"password, ".
								"disabled) ".
							"values (".
								"$id, ".
								"'$username', ".
								"'$password', ".
								$disabled.");";
			$dbc->execute($sql);
			$ret = $id;
		} else {
			throw new TE_Exception('ID not generated - users_seq');
		}

		return $ret;
	}


	protected function update(DB_Connection $dbc) {
		$username = addslashes($this->get_username());
		$password = addslashes($this->get_password());
		$disabled = $this->get_disabled();


		$sql = "update ".$this->get_db_table_prefix()."users set ".
							"username = '$username', ".
							"password = '".$password."', ".
							"disabled = $disabled ".
					"where id = ".$this->get_id();

		$dbc->execute($sql);

		return $this->get_id();
	}


	public static function check_login(DB_Connection $dbc, $username, $password, $prefix = '') {
		$ret = false;

		$sql = "select id from ".$prefix."users where username = '".$username."' and password = '".$password."' and deleted = 0 and disabled = 0";

		$rez = $dbc->execute($sql);
		if (!$rez->is_eof()) {
			$rez_obj = $rez->fetch_object();
			$ret = new User_DBC();
			$ret->load_by_id($dbc, $rez_obj->ID);
		}

		return $ret;
	}


	public static function user_exists(DB_Connection $dbc, $id, $prefix = '') {
		$sql = 'select id from '.$prefix.'users where id = '.$id;
		$rez = $dbc->execute($sql);

		$ret = $rez->is_eod() ? false : true;

		return $ret;
	}


	public static function delete(DB_Connection $dbc, $id, $prefix = '') {
		tangra_if_not_int_throw_e($id);
		$sql = "delete from ".$prefix."users where id = $id";
		$dbc->execute($sql);
	}


	public static function disable(DB_Connection $dbc, $id, $prefix = '') {
		tangra_if_not_int_throw_e($id);

		$sql = 'update '.$prefix.'users set disabled = 1 where id = '.$id;
		$dbc->execute($sql);
	}


	public static function enable(DB_Connection $dbc, $id, $prefix = '') {
		tangra_if_not_int_throw_e($id);

		$sql = 'update '.$prefix.'users set disabled = 0 where id = '.$id;
		$dbc->execute($sql);
	}


	public static function username_exists(DB_Connection $dbc, $username, $prefix = '') {
		$username = addslashes($username);

		$sql = "select id from ".$prefix."users where username = '$username'";

		$rez = $dbc->execute($sql);

		return (!$rez->is_eod());
	}


	public static function username_exists_update(DB_Connection $dbc, $username, $prefix = '', $own_id) {
		$username = addslashes($username);
		tangra_if_not_int_throw_e($own_id);

		$sql = "select id from ".$prefix."users where username = '$username' and id != $own_id";

		$rez = $dbc->execute($sql);

		return (!$rez->is_eod());
	}
}


